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AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions, and 
listings, of claims in the application. 

LISTING OF CLAIMS 

1. (Withdrawn) A portable security system for managing access to 
a portable data storage cartridge, said data storage cartridge 
having data storage media for storing data for read/write access 
by a user of a data storage drive when mounted in said data 
storage drive, said portable security system comprising: 

a wireless interface mounted in said portable data storage 
cartridge for receiving power and data from, and sending data 
to, said data storage drive when mounted in said data storage 
drive; and 

a computer processor mounted in said portable data storage 
cartridge separate from said data storage media, and coupled to 
said wireless interface; said computer processor powered by said 
wireless interface and receiving and transmitting data to said 
data storage drive via said wireless interface; said computer 
processor having a user table comprising at least a unique user 
identifier for each authorized user and at least one permitted 
activity said user is authorized to conduct with respect to said 
data storage media, said user identifier, when combined with a 
user authentication message from said authorized user in 
accordance with a predetermined algorithm, authorizes said user; 
said computer processor receiving said user authentication 
messages from said data storage drive via said wireless 
interface, combining said user authentication message with at 
least part of said user identifier from said user table in 
accordance with said predetermined algorithm to authorize or 
deny said user activity, and transmitting said user 
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authorization or denial to said data storage drive via said 
wireless interface . 

2 . (Withdrawn) The portable security system of Claim 1, wherein 
said wireless interface comprises an RF interface. 

3. (Withdrawn) The portable security system of Claim 1, wherein 
each said user identifier comprises a user symbol and a user 
decrypting key, wherein said user authentication message 
comprises an encrypted user authentication message which may be 
decrypted by said user decrypting key, and wherein said computer 
processor conducts said combination by decrypting said user 
authentication message by said user decrypting key. 

4. (Withdrawn) The portable security system of Claim 3, wherein 
said user decrypting key comprises a sender public key, and 
wherein said predetermined algorithm comprises a public key 
cryptographic algorithm. 

5. (Withdrawn) The portable security system of Claim 4, wherein 
said user authentication message is encrypted by a sender 
private key and a receiver public key, and wherein said public 
key cryptographic algorithm decrypts said user authentication 
message employing a receiver private key and said sender public 
key, whereby said user authentication message is known to have 
come from said user. 

6. (Withdrawn) The portable security system of Claim 1, wherein 
said computer processor user table permitted activities comprise 
a plurality of permitted activities, selected ones of which each 
of said users may be authorized to conduct, said permitted 
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activities comprising 1) read access to data stored in said data 
storage media, 2) write access to data stored in said data 
storage media, 3) read the user entry of said user table, 4) 
read all entries of said user table, 5) add entries to said user 
table, and 6) change/delete entries to said user table. 

7. (Withdrawn) The portable security system of Claim 1, wherein 
said computer processor user table comprises a separate entry 
for each said user identifier and said permitted activity said 
user is authorized to conduct. 

8. (Withdrawn) The portable security system of Claim 1, wherein 
said computer processor user table comprises a separate entry 
for each said user identifier, said entry comprising all said 
permitted activities said user is authorized to conduct. 

9. (Withdrawn) The portable security system of Claim 1, wherein 
said computer processor additionally comprises a nonvolatile 
memory storing said user table. 

10. (Withdrawn) The portable security system of Claim 1, wherein 
said computer processor additionally comprises a class table 
comprising at least a unique class identifier for each 
authorized class of users and at least one permitted activity 
said class of users is authorized to conduct with respect to 
said data storage media, said class identifier, when combined 
with a user authentication message from a user of said 
authorized class of users in accordance with said predetermined 
algorithm, authorizes said user; and wherein said computer 
processor additionally, upon receiving said user authentication 
messages from said data storage drive via said wireless 
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interface, combining said user authentication message with said 
class identifier from said class table in accordance with said 
predetermined algorithm to authorize or deny said class activity 
to said user, and transmitting said class authorization or 
denial to said data storage drive via said wireless interface. 

11 . (Withdrawn) The portable security system of Claim 10, wherein 
said computer processor user table additionally comprises any 
class membership of each said user, wherein said user may be 
authorized with respect to said class table either by said class 
authorization or by said user authorization. 

12 . (Withdrawn) The portable security system of Claim 10, wherein 
said computer processor user table and said class table 
permitted activities comprise a plurality of permitted 
activities, selected ones of which each of said users may be 
authorized to conduct, said permitted activities comprising 1) 
read access to data stored in said data storage media, 2) write 
access to data stored in said data storage media, 3) read all 
entries of said class table, 4) add entries to said class table, 
and 5) change/delete entries to said class table. 

13 . (Withdrawn) The portable security system of Claim 10, wherein 
said computer processor additionally comprises a nonvolatile 
memory storing said user table and said class table. 

14 . (Withdrawn) The portable security system of Claim 1, wherein 
said data stored in said data storage media is encrypted, 
wherein said computer processor user table permitted activities 
comprise at least 1) read access to data stored in said data 
storage media, and wherein said user authorization for said read 
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access additionally comprises a decryption key for said 
encrypted stored data. 

15. (Withdrawn) A data storage cartridge for storing data for 
read/write access by a user of a data storage drive when mounted 
in said data storage drive, comprising: 

data storage media mounted in said data storage cartridge 
for storing said data for said read/write access; 

a wireless interface mounted in said portable data storage 
cartridge for receiving power and data from, and sending data 
to, said data storage drive when mounted in said data storage 
drive; and 

a computer processor mounted in said portable data storage 
cartridge separate from said data storage media, and coupled to 
said wireless interface; said computer processor powered by said 
wireless interface and receiving and transmitting data to said 
data storage drive via said wireless interface; said computer 
processor having a user table comprising at least a unique user 
identifier for each authorized user and at least one permitted 
activity said user is authorized to conduct with respect to said 
data storage media, said user identifier, when combined with a 
user authentication message from said authorized user in 
accordance with a predetermined algorithm, authorizes said user; 
said computer processor receiving said user authentication 
messages from said data storage drive via said wireless 
interface, combining said user authentication message with at 
least part of said user identifier from said user table in 
accordance with said predetermined algorithm to authorize or 
deny said user activity, and transmitting said user 
authorization or denial to said data storage drive via said 
wireless interface . 
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16. (Withdrawn) The data storage cartridge of Claim 15, wherein 
said wireless interface comprises an RF interface. 

17. (Withdrawn) The data storage cartridge of Claim 15, wherein 
each said user identifier comprises a user symbol and a user 
decrypting key, wherein said user authentication message 
comprises an encrypted user authentication message which may be 
decrypted by said user decrypting key, and wherein said computer 
processor conducts said combination by decrypting said user 
authentication message by said user decrypting key. 

18. (Withdrawn) The data storage cartridge of Claim 17, wherein 
said user decrypting key comprises a sender public key, and 
wherein said predetermined algorithm comprises a public key 
cryptographic algorithm. 

19. (Withdrawn) The data storage cartridge of Claim 18, wherein 
said user authentication message is encrypted by a sender 
private key and a receiver public key, and wherein said public 
key cryptographic algorithm decrypts said user authentication 
message employing a receiver private key and said sender public 
key, whereby said user authentication message is known to have 
come from said user. 

20. (Withdrawn) The data storage cartridge of Claim 15, wherein 
said computer processor user table permitted activities comprise 
a plurality of permitted activities, selected ones of which each 
of said users may be authorized to conduct, said permitted 
activities comprising 1) read access to data stored in said data 
storage media, 2) write access to data stored in said data 
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storage media, 3) read the user entry of said user table, 4) 
read all entries of said user table, 5) add entries to said user 
table, and 6) change/delete entries to said user table. 

21. (Withdrawn) The data storage cartridge of Claim 15, wherein 
said computer processor user table comprises a separate entry 
for each said user identifier and said permitted activity said 
user is authorized to conduct. 

22. (Withdrawn) The data storage cartridge of Claim 15 wherein 
said computer processor user table comprises a separate entry 
for each said user identifier, said entry comprising all said 
permitted activities said user is authorized to conduct. 

23. (Withdrawn) The data storage cartridge of Claim 15, wherein 
said computer processor additionally comprises a nonvolatile 
memory storing said user table. 

24. (Withdrawn) The data storage cartridge of Claim 15, wherein 
said computer processor additionally comprises a class table 
comprising at least a unique class identifier for each 
authorized class of users and at least one permitted activity 
said class of users is authorized to conduct with respect to 
said data storage media, said class identifier, when combined 
with a user authentication message from a user of said 
authorized class of users in accordance with said predetermined 
algorithm, authorizes said user; and wherein said computer 
processor additionally, upon receiving said user authentication 
messages from said data storage drive via said wireless 
interface, combining said user authentication message with said 
class identifier from said class table in accordance with said 



8 



TUC919990050US1 



Appl. No. : 09/435, 899 

Amdt. Dated: September 19, 2006 

Reply to Office Advisory Action: 09/01/2006 

predetermined algorithm to authorize or deny said class activity 
to said user, and transmitting said class authorization or 
denial to said data storage drive via said wireless interface. 

25. (Withdrawn) The data storage cartridge of Claim 24, wherein 
said computer processor user table additionally comprises any 
class membership of each said user, wherein said user may be 
authorized with respect to said class table either by said class 
authorization or by said user authorization. 

26. (Withdrawn) The data storage cartridge of Claim 24, wherein 
said computer processor user table and said class table 
permitted activities comprise a plurality of permitted 
activities, selected ones of which each of said users may be 
authorized to conduct, said permitted activities comprising 1) 
read access to data stored in said data storage media, 2) write 
access to data stored in said data storage media, 3) read all 
entries of said class table, 4) add entries to said class table, 
and 5) change/delete entries to said class table. 

27. (Withdrawn) The data storage cartridge of Claim 24, wherein 
said computer processor additionally comprises a nonvolatile 
memory storing said user table and said class table. 

28. (Withdrawn) The data storage cartridge of Claim 15, wherein 
said data stored in said data storage media is encrypted, 
wherein said computer processor user table permitted activities 
comprise at least 1) read access to data stored in said data 
storage media, and wherein said user authorization for said read 
access additionally comprises a decryption key for said 
encrypted stored data. 
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29. (Previously presented) A method for providing a portable 

secure interface to a data storage cartridge, said data storage 
cartridge having data storage media for storing data for 
read/write access by a user of a data storage drive when mounted 
in said data storage drive, and a wireless interface mounted in 
said portable data storage cartridge for receiving power and 
data from, and sending data to, said data storage drive when 
mounted in said data storage drive, said data storage cartridge 
having a user table separate from said data storage media, 
comprising at least a unique user identifier for each authorized 
user and at least one permitted activity said user is authorized 
to conduct with respect to said data storage media, said user 
identifier, when combined with a user authentication message 
from said authorized user in accordance with a predetermined 
algorithm, authorizes said user, said method comprising the 
steps of: 

receiving said user authentication messages from said data 
storage drive via said wireless interface; 

separate from said data storage media, combining said user 
authentication message with at least part of said user 
identifier from said user table in accordance with said 
predetermined algorithm to authorize or deny said user activity; 
and 

transmitting said user authorization or denial to said data 
storage drive via said wireless interface. 

30. (Original) The method of Claim 29, wherein each said user 
identifier comprises a user symbol and a user decrypting key, 
wherein said user authentication message comprises an encrypted 
user authentication message which may be decrypted by said user 
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decrypting key, and wherein said combining step comprises 
decrypting said user authentication message by said user 
decrypting key. 

31. (Original) The method of Claim 30, wherein said user 
decrypting key comprises a sender public key, and wherein said 
predetermined algorithm comprises a public key cryptographic 
algorithm. 

32 . (Original) The method of Claim 31, wherein said user 
authentication message is encrypted by a sender private key and 
a receiver public key, wherein said public key cryptographic 
algorithm decrypts said user authentication message employing a 
receiver private key and said sender public key, and wherein 
said combining step comprises decrypting said user 
authentication message by said receiver private key and said 
sender public key, whereby said user authentication message is 
known to have come from said user. 

33. (Original) The method of Claim 29, wherein said user table 
comprises a plurality of said permitted activities, selected 
ones of which each of said users may be authorized to conduct, 
said permitted activities comprising 1) read access to data 
stored in said data storage media, 2) write access to data 
stored in said data storage media, 3) read the user entry of 
said user table, 4) read all entries of said user table, 5) add 
entries to said user table, and 6) change/delete entries to said 
user table; and wherein said transmitting step comprises 
transmitting authorization to conduct the selected said user 
permitted activities said user is authorized to conduct. 
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34. (Original) The method of Claim 29, wherein said user table 
comprises a separate entry for each said user identifier and 
said permitted activity said user is authorized to conduct; and 
wherein said transmitting step additionally comprises 
identifying said user permitted activities from said separate 
entries . 

35. (Original) The method of Claim 29, wherein said step of 
providing said user table comprises a separate entry for each 
said user identifier, said entry comprising all said permitted 
activities said user is authorized to conduct; and wherein said 
transmitting step additionally comprises identifying said user 
permitted activities from said user separate entry. 

36. (Original) The method of Claim 29, wherein said data storage 
cartridge additionally comprises a class table comprising at 
least a unique class identifier for each authorized class of 
users and at least one permitted activity said class of users is 
authorized to conduct with respect to said data storage media, 
said class identifier, when combined with a user authentication 
message from a user of said authorized class of users in 
accordance with said predetermined algorithm, authorizes said 
user; 

wherein said combining step additionally comprises, upon 
receiving said user authentication messages from said data 
storage drive via said wireless interface, combining said user 
authentication message with said class identifier from said 
class table in accordance with said predetermined algorithm to 
authorize or deny said class activity to said user; and 
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wherein said transmitting step additionally comprises 
transmitting said class authorization or denial to said data 
storage drive via said wireless interface. 

37. (Original) The method of Claim 36, wherein said user table 
additionally comprises any class membership of each said user; 
and wherein said combining step additionally authorizes said 
user with respect to said class table either by said class 
authorization or by said user authorization. 

38. (Original) The method of Claim 36, wherein said user table 
and said class table comprise a plurality of permitted 
activities, selected ones of which each of said users may be 
authorized to conduct, said permitted activities comprising 1) 
read access to data stored in said data storage media, 2) write 
access to data stored in said data storage media, 3) read all 
entries of said class table, 4) add entries to said class table, 
and 5) change/delete entries to said class table; and wherein 
said transmitting step comprises transmitting authorization to 
conduct the selected said user and said class permitted 
activities said user is authorized to conduct. 

39. (Original) The method of Claim 29, wherein said data stored 
in said data storage media is encrypted, wherein said step of 
providing said user table permitted activities comprises 
providing at least 1) read access to data stored in said data 
storage media, and wherein said step of transmitting said user 
authorization for said read access additionally comprises 
transmitting a decryption key for said encrypted stored data. 
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40 . (Withdrawn) A computer program product usable with a 
programmable computer processor having computer readable program 
code embodied therein for providing a secure interface to a data 
storage cartridge having data storage media, said programmable 
computer processor mounted in said data storage cartridge 
separate from said data storage media, said data storage media 
for storing data for read/write access by a user of a data 
storage drive when mounted in said data storage drive, and a 
wireless interface mounted in said portable data storage 
cartridge for receiving power and data from, and sending data 
to, said data storage drive when mounted in said data storage 
drive, said computer program product comprising: 

computer readable program code which causes said 
programmable computer processor to provide a user table 
comprising at least a unique user identifier for each authorized 
user and at least one permitted activity said user is authorized 
to conduct with respect to said data storage media, said user 
identifier, when combined with a user authentication message 
from said authorized user in accordance with a predetermined 
algorithm, authorizes said user; 

computer readable program code which causes said 
programmable computer processor to receive said user 
authentication messages from said data storage drive via said 
wireless interface; 

computer readable program code which causes said 
programmable computer processor to, separate from said data 
storage media, combine said user authentication message with at 
least part of said user identifier from said user table in 
accordance with said predetermined algorithm to authorize or 
deny said user activity; and 
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computer readable program code which causes said 
programmable computer processor to transmit said user 

authorization or denial to said data storage drive via said 
wireless interface . 

41. (Withdrawn) The computer program product of Claim 40, wherein 
each said user identifier comprises a user symbol and a user 
decrypting key, wherein said user authentication message 
comprises an encrypted user authentication message which may be 
decrypted by said user decrypting key, and wherein said computer 
readable program code additionally causes said programmable 
computer processor to conduct said combination by decrypting 
said user authentication message by said user decrypting key. 

42. (Withdrawn) The computer program product of Claim 41, wherein 
said user decrypting key comprises a sender public key, and 
wherein said predetermined algorithm comprises a public key 
cryptographic algorithm. 

43. (Withdrawn) The computer program product of Claim 42, wherein 
said user authentication message is encrypted by a sender 
private key and a receiver public key, wherein said public key 
cryptographic algorithm decrypts said user authentication 
message employing a receiver private key and said sender public 
key, and wherein said computer readable program code 
additionally causes said programmable computer processor, in 
conducting said combination, to decrypt said user authentication 
message by said receiver private key and said sender public key, 
whereby said user authentication message is known to have come 
from said user. 
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44. (Withdrawn) The computer program product of Claim 40, wherein 
said computer readable program code additionally causes said 
programmable computer processor to provide in said user table a 
plurality of said permitted activities, selected ones of which 
each of said users may be authorized to conduct, said permitted 
activities comprising 1) read access to data stored in said data 
storage media, .2) write access to data stored in said data 
storage media, 3) read the user entry of said user table, 4) 
read all entries of said user table, 5) add entries to said user 
table, and 6) change/delete entries to said user table. 

45. (Withdrawn) The computer program product of Claim 40, wherein 
said computer readable program code additionally causes said 
programmable computer processor to provide in said user table a 
separate entry for each said user identifier and said permitted 
activity said user is authorized to conduct. 

46. (Withdrawn) The computer program product of Claim 40, wherein 
said computer readable program code additionally causes said 
programmable computer processor to provide in said user table a 
separate entry for each said user identifier, said entry 
comprising all said permitted activities said user is authorized 
to conduct. 

47. (Withdrawn) The computer program product of Claim 40, wherein 
said computer readable program code additionally causes said 
programmable computer processor: 

to provide a class table comprising at least a unique class 
identifier for each authorized class of users and at least one 
permitted activity said class of users is authorized to conduct 
with respect to said data storage media, said class identifier, 
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when combined with a user authentication message from a user of 
said authorized class of users in accordance with said 
predetermined algorithm, authorizes said user; 

in conducting said combination, upon receiving said user 
authentication messages from said data storage drive via said 
wireless interface, to combine said user authentication message 
with said class identifier from said class table in accordance 
with said predetermined algorithm to authorize or deny said 
class activity to said user; and 

in conducting said transmission, to transmit said class 
authorization or denial to said data storage drive via said 
wireless interface - 

48. (Withdrawn) The computer program product of Claim 47, wherein 
said computer readable program code additionally causes said 
programmable computer processor to provide in said user table 
any class membership of each said user, wherein said user may be 
authorized with respect to said class table either by said class 
authorization or by said user authorization. 

49. (Withdrawn) The computer program product of Claim 47, wherein 
said computer readable program code additionally causes said 
programmable computer processor to provide in said user table 
and said class table a plurality of permitted activities, 
selected ones of which each of said users may be authorized to 
conduct, said permitted activities comprising 1) read access to 
data stored in said data storage media, 2) write access to data 
stored in said data storage media, 3) read all entries of said 
class table, 4) add entries to said class table, and 5) 
change/delete entries to said class table. 



17 



TUC919990050US1 



Appl. No. : 09/435, 899 

Amdt. Dated: September 19, 2006 

Reply to Office Advisory Action: 09/01/2006 

50. (Withdrawn) The computer program product of Claim 40, wherein 
said data stored in said data storage media is encrypted, and 
wherein said computer readable program code additionally causes 
said programmable computer processor to provide in said user 
table permitted activities comprising at least 1) read access to 
data stored in said data storage media, and wherein said 
computer readable program code additionally causes said 
programmable computer processor to transmit in said user 
authorization for said read access, a decryption key for said 
encrypted stored data. 

51. (Withdrawn) A portable data storage cartridge, 
comprising: 

a wireless interface mounted in said portable data storage 
cartridge configured to receive power and data from, and send 
data to, a data storage drive, when in said data storage drive; 

data storage media; and 

a portable security system that resides in said portable 
data storage cartridge, comprising: 

a computer processor system residing in said portable 
data storage cartridge and configured to communicate with 
said wireless interface, and configured to receive power 
from said wireless interface; and 

a security system configured for operation of said 
portable data storage cartridge computer processor system 
arranged to authenticate each of separate users by 
combining a user authentication message received via said 
wireless interface, with a user identifier of a plurality 
of user identifiers previously stored by said computer 
processor system, said user identifiers comprising at least 
a unique user identifier for each authorized user, said 
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combining in accordance with a predetermined algorithm of 
said security system. 

52. (Withdrawn) The portable data storage cartridge of Claim 

51, wherein said portable data storage cartridge computer 
processor system is configured to store said user identifiers of 
said separate users in a user table of said computer processor 
system, said user table comprising said at least a unique user 
identifier for each authorized user and at least one permitted 
activity said user is authorized to conduct with respect to said 
data storage media, said security system combining said user 
authentication message with at least part of said user 
identifier from said user table in accordance with said 
predetermined algorithm to authorize or deny said user activity. 

53. (Withdrawn) The portable data storage cartridge of Claim 

52, wherein said portable data storage cartridge security system 
is arranged to operate said computer processor system to 
communicate user authentication or denial via said wireless 
interface . 

54. (Withdrawn) The portable data storage cartridge of Claim 
52, wherein said computer processor system user table permitted 
activities comprise a plurality of permitted activities, 
selected ones of which each of said users may be authorized to 
conduct, said permitted activities comprising 1) read access to 
data stored in said data storage media, 2) write access to data 
stored in said data storage media, 3) read the user entry of 
said user table, 4) read all entries of said user table, 5) add 
entries to said user table, and 6) change/delete entries to said 
user table. 
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55. (Withdrawn) The portable data storage cartridge of Claim 
52, wherein data stored in said data storage media is encrypted, 
wherein said computer processor system user table permitted 
activities comprise at least 1) read access to data stored in 
said data storage media, and wherein said user authorization for 
said read access additionally comprises a decryption key for 
said encrypted stored data. 

56. (Withdrawn) The portable data storage cartridge of Claim 
51, wherein said portable data storage cartridge security system 
is arranged such that each said previously stored user 
identifier comprises a user symbol and a user decrypting key, 
wherein said user authentication message comprises an encrypted 
user authentication message which may be decrypted by said user 
decrypting key, and wherein said portable data storage cartridge 
security system predetermined algorithm conducts said 
combination by decrypting said user authentication message by 
said user decrypting key. 

57 . (Withdrawn) The portable data storage cartridge of Claim 56, 
wherein said user decrypting key comprises a sender public key, 
and wherein said predetermined algorithm comprises a public key 
cryptographic algorithm. 

58. (Withdrawn) The portable data storage cartridge of Claim 
57, wherein said user authentication message is encrypted by a 
sender private key and a receiver public key, and wherein said 
public key cryptographic algorithm decrypts said user 
authentication message employing a receiver private key and said 
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sender public key, whereby said user authentication message is 
known to have come from said user. 

59. (Withdrawn) A portable security system configured to 
reside in a portable data storage cartridge, said portable data 
storage cartridge comprising a wireless interface mounted in 
said portable data storage cartridge configured to receive power 
and data from, and send data to, a data storage drive, when in 
said data storage drive; and data storage media; said portable 
security system comprising: 

a computer processor system configured to reside in said 
portable data storage cartridge, configured to communicate with 
said wireless interface, and configured to receive power from 
said wireless interface; and 

a security system configured for operation of said computer 
processor system arranged to authenticate each of separate users 
by combining a user authentication message received via said 
wireless interface, with a user identifier of a plurality of 
user identifiers previously stored by said computer processor 
system, said user identifiers comprising at least a unique user 
identifier for each authorized user, said combining in 
accordance with a predetermined algorithm of said security 
system. 

60. (Withdrawn) The portable security system of Claim 59, 
wherein said computer processor system is configured to store 
said user identifiers of said separate users in a user table of 
said computer processor system, said user table comprising said 
at least a unique user identifier for each authorized user and 
at least one permitted activity said user is authorized to 
conduct with respect to said data storage media, said security 
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system combining said user authentication message with at least 
part of said user identifier from said user table in accordance 
with said predetermined algorithm to authorize or deny said user 
activity. 

61. (Withdrawn) The portable security system of Claim 60, 
wherein said security system is arranged to operate said 
computer processor system to communicate user authentication or 
denial via said wireless interface. 

62. (Withdrawn) The portable security system of Claim 60, 
wherein said computer processor system user table permitted 
activities comprise a plurality of permitted activities, 
selected ones of which each of said users may be authorized to 
conduct, said permitted activities comprising 1) read access to 
data stored in said data storage media, 2) write access to data 
stored in said data storage media, 3) read the user entry of 
said user table, 4) read all entries of said user table, 5) add 
entries to said user table, and 6) change/delete entries to said 
user table. 

63. (Withdrawn) The portable security system of Claim 60, 
wherein data stored in said data storage media is encrypted, 
wherein said computer processor system user table permitted 
activities comprise at least 1) read access to data stored in 
said data storage media, and wherein said user authorization for 
said read access additionally comprises a decryption key for 
said encrypted stored data. 
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64. (Withdrawn) The portable security system of Claim 59, 
wherein said security system is arranged such that each said 
previously stored user identifier comprises a user symbol and a 
user decrypting key, wherein said user authentication message 
comprises an encrypted user authentication message which may be 
decrypted by said user decrypting key, and wherein said security 
system predetermined algorithm conducts said combination by 
decrypting said user authentication message by said user 
decrypting key. 

65. (Withdrawn) The portable security system of Claim 64, wherein 
said user decrypting key comprises a sender public key, and 
wherein said predetermined algorithm comprises a public key 
cryptographic algorithm. 

66. (Withdrawn) The portable security system of Claim 65, 
wherein said user authentication message is encrypted by a 
sender private key and a receiver public key, and wherein said 
public key cryptographic algorithm decrypts said user 
authentication message employing a receiver private key and said 
sender public key, whereby said user authentication message is 
known to have come from said user. 
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